aboutsummaryrefslogtreecommitdiffstats
path: root/security/vuxml/vuln.xml
diff options
context:
space:
mode:
authormandree <mandree@FreeBSD.org>2017-09-28 05:13:23 +0800
committermandree <mandree@FreeBSD.org>2017-09-28 05:13:23 +0800
commit818e5a7dec907b4a879138e13cfd6c7dbd2f71ca (patch)
tree22b35e7d2bf51f39a4340dbc55f6090ffb12ffc2 /security/vuxml/vuln.xml
parent3ffa26bb4dda9983b1b80cc17f39f7039580c1dc (diff)
downloadfreebsd-ports-gnome-818e5a7dec907b4a879138e13cfd6c7dbd2f71ca.tar.gz
freebsd-ports-gnome-818e5a7dec907b4a879138e13cfd6c7dbd2f71ca.tar.zst
freebsd-ports-gnome-818e5a7dec907b4a879138e13cfd6c7dbd2f71ca.zip
Document OpenVPN <2.4.4 CVE-2017-12166 legacy vuln.
Security: CVE-2017-12166 Security: 3dd6ccf4-a3c6-11e7-a52e-0800279f2ff8
Diffstat (limited to 'security/vuxml/vuln.xml')
-rw-r--r--security/vuxml/vuln.xml35
1 files changed, 35 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml
index 9d2ada9c58d3..7ee4a2be948c 100644
--- a/security/vuxml/vuln.xml
+++ b/security/vuxml/vuln.xml
@@ -58,6 +58,41 @@ Notes:
* Do not forget port variants (linux-f10-libxml2, libxml2, etc.)
-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+ <vuln vid="3dd6ccf4-a3c6-11e7-a52e-0800279f2ff8">
+ <topic>OpenVPN -- out-of-bounds write in legacy key-method 1</topic>
+ <affects>
+ <package>
+ <name>openvpn</name>
+ <range><ge>2.4.0</ge><lt>2.4.4</lt></range>
+ <range><lt>2.3.18</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>Steffan Karger reports:</p>
+ <blockquote cite="https://community.openvpn.net/openvpn/wiki/CVE-2017-12166">
+ <p>The bounds check in read_key() was performed after using the value,
+ instead of before. If 'key-method 1' is used, this allowed an
+ attacker to send a malformed packet to trigger a stack buffer
+ overflow. [...]</p>
+ <p>Note that 'key-method 1' has been replaced by 'key method 2' as the
+ default in OpenVPN 2.0 (released on 2005-04-17), and explicitly
+ deprecated in 2.4 and marked for removal in 2.5. This should limit
+ the amount of users impacted by this issue.</p>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <url>https://community.openvpn.net/openvpn/wiki/CVE-2017-12166</url>
+ <url>https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg15492.html</url>
+ <cvename>CVE-2017-12166</cvename>
+ </references>
+ <dates>
+ <discovery>2017-09-21</discovery>
+ <entry>2017-09-27</entry>
+ </dates>
+ </vuln>
+
<vuln vid="16fb4f83-a2ab-11e7-9c14-009c02a2ab30">
<topic>ImageMagick -- denial of service via a crafted font file</topic>
<affects>